AI accountability: Considerations for privacy professionals

Artificial intelligence governance has become a priority for organizations looking to develop or deploy AI solutions responsibly, and it has a significant potential impact for privacy professionals. The concept is often loosely defined within organizations, with many clear only on the fact that they should be doing something with AI governance rather than what they should be doing or how to execute it across their enterprise, products and operations.

Standards and frameworks for AI governance have begun to emerge — with the International Organization for Standardization's ISO 42001 and the National Institute of Standards and Technology's Responsible AI Framework at the forefront — and are continuing to mature as global regulation evolves. However, defining responsibility for AI governance within an organization is critical to ensure it is implemented ethically and compliantly. This ownership is nuanced and often sits across multiple business areas to ensure the full range of legal, technical and compliance risks are appropriately assessed, and it will likely vary depending on each organization's level of maturity and risk posture.